To say that the EU General Data Protection Regulation (GDPR or the Regulation) will change the existing data protection framework in Europe is an understatement. In less than a year, an ambitious, complex and strict law will transform the way in which personal information is collected, shared and used globally.

It is fair to say that the GDPR aims to take data protection compliance to a new level. Therefore, it is essential that we appreciate what is significant about the GDPR in relation to both private equity funds and the companies they invest in.

The Regulation will apply in all Member States from 25 May 2018 and therefore the time to start preparing is now. The changes to the existing regime present a good opportunity to refocus on and improve the way your organization manages personal data. Remember too that with new steeper fines for failure to comply with the GDPR, you should ignore your portfolio companies’ compliance at your peril – such significant fines could cause serious diminution in portfolio values.